More forcefully recommend MD5 over crypt authentication.

author Bruce Momjian

Mon, 24 Oct 2005 15:49:54 +0000 (15:49 +0000)

committer Bruce Momjian

Mon, 24 Oct 2005 15:49:54 +0000 (15:49 +0000)
author Bruce Momjian
Mon, 24 Oct 2005 15:49:54 +0000 (15:49 +0000)
committer Bruce Momjian
Mon, 24 Oct 2005 15:49:54 +0000 (15:49 +0000)
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml

index a82b79bd7ddb85c5bf034ec7f578a9290f290f13..e4dff02fa81bef7d2af10b36644736b2b868baf8 100644 (file)
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -1,5 +1,5 @@
  
  
  
@@ -319,11 +319,16 @@ hostnossl  database  user
         
          crypt
          
+         
+         
+          This option is recommended only for communicating with pre-7.2
+          clients.
+         
+         
           
            Require the client to supply a crypt()-encrypted
            password for authentication.
-          md5 is preferred for 7.2 and later clients,
-          but pre-7.2 clients only support crypt.
+          md5 is now recommended over crypt.
            See  for details.
           
          
@@ -589,8 +594,8 @@ local   db1,db2,@demodbs  all                         md5
     
      If you are at all concerned about password
      sniffing attacks then md5 is preferred, with
-    crypt a second choice if you must support pre-7.2
-    clients. Plain password should especially be avoided for
+    crypt to be used only if you must support pre-7.2
+    clients. Plain password should be avoided especially for
      connections over the open Internet (unless you use SSL,
      SSH, or another
      communications security wrapper around the connection).
author	Bruce Momjian
	Mon, 24 Oct 2005 15:49:54 +0000 (15:49 +0000)
committer	Bruce Momjian
	Mon, 24 Oct 2005 15:49:54 +0000 (15:49 +0000)